EVP_MD-SHAKE.7ossl - Man Page

The SHAKE / KECCAK family EVP_MD implementations


Support for computing SHAKE or KECCAK-KMAC digests through the EVP_MD API.

KECCAK-KMAC is a special digest that's used by the KMAC EVP_MAC implementation (see EVP_MAC-KMAC(7)).


This implementation is only available with the default provider, and includes the following varieties:


Known names are “KECCAK-KMAC-128” and “KECCAK-KMAC128”


Known names are “KECCAK-KMAC-256” and “KECCAK-KMAC256”


Known names are “SHAKE-128” and “SHAKE128”


Known names are “SHAKE-256” and “SHAKE256”

Gettable Parameters

This implementation supports the common gettable parameters described in EVP_MD-common(7).

Settable Context Parameters

These implementations support the following OSSL_PARAM(3) entries, settable for an EVP_MD_CTX with EVP_MD_CTX_set_params(3):

“xoflen” (OSSL_DIGEST_PARAM_XOFLEN) <unsigned integer>

Sets the digest length for extendable output functions. The length of the “xoflen” parameter should not exceed that of a size_t.

See Also

EVP_MD_CTX_set_params(3), provider-digest(7), OSSL_PROVIDER-default(7)

Referenced By

OSSL_PROVIDER-default.7ossl(7), provider-digest.7ossl(7).

The man page EVP_MD-KECCAK-KMAC.7ossl(7) is an alias of EVP_MD-SHAKE.7ossl(7).

2022-09-01 3.0.5 OpenSSL